The following report is by The Epoch Times:
Hackers affiliated with the Islamic Revolutionary Guard Corps (IRGC) have engaged in “malicious cyber activity” targeting PLC operational technology devices used in the U.S. water and wastewater systems sector, and in other industries including energy, food, and beverage manufacturing, since at least Nov. 22, the agencies said in a Dec. 1 alert.
The agencies that issued the warning include the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the National Security Agency (NSA), with the Israel National Cyber Directorate (INCD) joining in the advisory.
This IRGC-linked cyberattack group (known variously as CyberAv3ngers, CyberAveng3rs, or Cyber Avengers) has been compromising default credentials in Unitronics devices since at least Nov. 22, the agencies said.
After hacking the PLC devices in multiple states, CyberAv3ngers left the following defacement message: “You have been hacked, down with Israel. Every equipment ‘made in Israel’ is CyberAv3ngers legal target.”
The cyber group has claimed responsibility for numerous attacks against critical infrastructure in Israel starting in 2020; it has recently turned its attention to targets in the United States, a key ally of Israel as it battles the Hamas terror group in response to the Oct. 7 attacks against Israel.
One high-profile attack by CyberAv3ngers targeted a water authority near Pittsburgh on Nov. 25, prompting congressional lawmakers to demand an investigation by the Department of Justice (DOJ) and triggering the latest multi-agency warning that other water and sewage-treatment utilities, and other industries, may be vulnerable.
The PLC devices regulate processes including pressure, temperature, and fluid flow, according to Unitronics.
Pennsylvania Water Utility Attacked
A cyberattack by the Iran-linked group on Nov. 25 targeted the Municipal Water Authority of Aliquippa, Pennsylvania, forcing the utility to switch to manual operations; officials said water quality wasn’t compromised.
“The affected municipality’s water authority immediately took the system offline and switched to manual operations—there is no known risk to the municipality’s drinking water or water supply,” the CISA said in a Nov. 28 notice.
While water quality wasn’t affected this time, the agency said that such cyberattacks do have the potential to threaten the ability of water and wastewater systems to provide clean drinking water to residents and to effectively manage wastewater.
The hackers accomplished their attack by exploiting cybersecurity weaknesses, including poor password security and exposure to the internet, according to the CISA. The agency urged water and wastewater facilities to take preventive measures including changing passwords and disconnecting the PLCs from the open internet.
Several Pittsburgh-based cybersecurity firms said that utility companies are more vulnerable to cyberattacks targeting operational technology because many of these systems are dated and monitored infrequently.
“Take a Fortune 500, or any type of large manufacturer or utility—instead of breaking in through their firewalls and trying to get to their data, [hackers have] the ability to try to go in and interfere with their systems,” David Kane, CEO of Pittsburgh-based Ethical Intruder, told the Pittsburgh Post-Gazette.
“I think you’re gonna see a big rise in that because there’s just so few protections on it,” he said, adding that an attack on the operational technology side is “very alarming.”
In its latest warning, the CISA and the other agencies shared a number of indicators of compromise (IOC), as well as tactics, techniques, and procedures (TTP) associated with the Iran-linked cyber group’s operations.
Lawmakers Demand Probe
The cyberattack prompted several congressional lawmakers from Pennsylvania to demand that the Department of Justice (DOJ) launch an investigation into how the foreign hacking group managed to breach a U.S.-based water facility.
“Any attack on our critical infrastructure is unacceptable,” U.S. Rep. Chris Deluzio (D-Pa.) said in a post on X. “It poses a threat not only to Western PA, but also the nation.”
Mr. Deluzio, along with U.S. Sens. John Fetterman (D-Pa.) and Bob Casey Jr. (D-Pa.), wrote a letter to U.S. Attorney General Merrick Garland on Nov. 28, saying that Americans need to be confident that their drinking water and other basic infrastructure is safe.
“If a hack like this can happen here in western Pennsylvania, it can happen anywhere else in the United States,” the lawmakers wrote.
The attack came less than a month after a federal appeals court decision prompted the Environmental Protection Agency (EPA) to rescind a rule that would have obliged U.S. public water systems to include cybersecurity testing in their regular federally mandated audits.
The rollback was triggered by a federal appeals court decision in a case brought by Missouri, Arkansas, and Iowa, and joined by a water utility trade group.
Unitronics didn’t respond by press time to queries as to whether other facilities with its equipment may have been hacked or could be vulnerable.
AUTHOR COMMENTARY
And where was this on headline news? This story barely got a mention and has already fallen out of circulation.
Without getting into the veracity of the hack itself and who is responsible for it – the main takeaway here is for you to check yourself, and analyze your situation and preparations. I have repeatedly said that a major hack attack and grid-down scenario is coming, which will cause mass chaos, and panic will ensue.
Let this be a reminder to be prepared and heed the warning signs. Water is the most important commodity you can have: having access to fresh streams, private wells (and functionality if the power goes out), backstock and storage, rain collection, and filtration and purification, and so forth.
A prudent man foreseeth the evil, and hideth himself; but the simple pass on, and are punished.
Proverbs 27:12
Now, as for who is really behind this – I never trust anything the U.S. government says, so I would not be shocked if they were the ones behind this mess. In 2021 I reported on how CISA, FBI, and NSA had issued a joint statement warning of cyber attacks on food and water systems, in what they called a “national security threat.” Well, well, well, what a coincidence…
Don’t doubt the gov’s involvement with anything anymore